package cn.jasonone.interceptors;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.servlet.HandlerInterceptor;

import cn.jasonone.bean.SysResource;
import cn.jasonone.bean.SysUser;
@Component
public class AuthorityInterceptor implements HandlerInterceptor {

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		SysUser user = (SysUser) request.getSession().getAttribute("LOGIN_STATUS");
		List<SysResource> resources = user.getResources();
		String uri = request.getRequestURI();
		uri=uri.replace(request.getContextPath(), "");
		AntPathMatcher antPath=new AntPathMatcher();
		for (SysResource sysResource : resources) {
			 if(sysResource.getUrl()!=null&&antPath.match(sysResource.getUrl(), uri)) {
				 return true;
			 }
		}
		response.sendError(403);
		return false;
	}
	
}
